UNDER ATTACK? CALL US

Tips on X-FORWARDED-FOR

Por Jie JiEm Knowledge Base, WAFPostou
Web application firewall management interface screenshot.

In the reverse proxy mode, NSFOCUS WAF preserves the real source IP address in the X-forwarded-for header. In this mode, since the destination for clients is the WAF, the WAF will record the real client IP address in this request header and forward the header to the server, which helps keep the entire session.

Test procedure:

Choose System Management > Test Tools > Capture Packets to configure packet capturing between the WAF and the server.

Red circular no entry sign with a white horizontal bar.
Red circular no entry sign with a white horizontal bar.

The captured packet shows that when NSFOCUS WAF works under the reverse proxy mode, NSFOCUS WAF will record the real client IP address in the X-Forward-For header.

Red circular no entry sign with a white horizontal bar.
NSFOCUS
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.